Documentation / admin-guide / LSM / tomoyo.rst


Based on kernel version 6.11. Page generated on 2024-09-24 08:21 EST.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52
======
TOMOYO
======

What is TOMOYO?
===============

TOMOYO is a name-based MAC extension (LSM module) for the Linux kernel.

LiveCD-based tutorials are available at

https://tomoyo.sourceforge.net/1.8/ubuntu12.04-live.html
https://tomoyo.sourceforge.net/1.8/centos6-live.html

Though these tutorials use non-LSM version of TOMOYO, they are useful for you
to know what TOMOYO is.

How to enable TOMOYO?
=====================

Build the kernel with ``CONFIG_SECURITY_TOMOYO=y`` and pass ``security=tomoyo`` on
kernel's command line.

Please see https://tomoyo.sourceforge.net/2.6/ for details.

Where is documentation?
=======================

User <-> Kernel interface documentation is available at
https://tomoyo.sourceforge.net/2.6/policy-specification/index.html .

Materials we prepared for seminars and symposiums are available at
https://sourceforge.net/projects/tomoyo/files/docs/ .
Below lists are chosen from three aspects.

What is TOMOYO?
  TOMOYO Linux Overview
    https://sourceforge.net/projects/tomoyo/files/docs/lca2009-takeda.pdf
  TOMOYO Linux: pragmatic and manageable security for Linux
    https://sourceforge.net/projects/tomoyo/files/docs/freedomhectaipei-tomoyo.pdf
  TOMOYO Linux: A Practical Method to Understand and Protect Your Own Linux Box
    https://sourceforge.net/projects/tomoyo/files/docs/PacSec2007-en-no-demo.pdf

What can TOMOYO do?
  Deep inside TOMOYO Linux
    https://sourceforge.net/projects/tomoyo/files/docs/lca2009-kumaneko.pdf
  The role of "pathname based access control" in security.
    https://sourceforge.net/projects/tomoyo/files/docs/lfj2008-bof.pdf

History of TOMOYO?
  Realities of Mainlining
    https://sourceforge.net/projects/tomoyo/files/docs/lfj2008.pdf